Skip to main content

Microsoft Azure Active Directory (AAD)

This object allows for the use of Microsoft AAD as an identity provider for accessing Dremio.

Identity Provider Object
{
"type": "AZURE_AD",
"id": "acd23077-263a-4277-b5f6-926b1983c9de",
"isActive": true,
"domain": "dremio.onmicrosoft.com",
"clientID": "e1ccc408-4cc8-8883-9b9b-9ec6a6e96fff",
"clientSecret": null
}

Identity Provider Attributes

type

String

The type of identity provider. For Microsoft AAD, this attribute value will always be AZURE-AD.


id

String (UUID)

The UUID to identify the identity provider.

Example acd23077-263a-4277-b5f6-926b1983c9de


isActive

boolean

Set to true if the identity provider is configured and enabled. Otherwise displays as false.

Example true


domain

String

The domain of your Azure AD account in the Azure portal.

Example dremio.onmicrosoft.com


clientID

String

The client ID or application ID of your registered Dremio application on the Azure portal.

Example e1ccc408-4cc8-8883-9b9b-9ec6a6e96fff


clientSecret

String

The client secret of your registered Dremio application on the Azure portal.

Example The client secret is not shown in the object and so the value is returned as `null`


Adding Microsoft AAD

Add Microsoft AAD as an identity provider. After adding an IdP, activate it using the associated endpoint.

Adding Microsoft AAD
POST /v0/identity-providers

Parameters

type

body

String

The type of identity provider. For Microsoft AAD, this attribute value will always be AZURE-AD.


isActive

body

boolean

Optional

Set to false to add Microsoft AAD as an identity provider.


domain

body

String

The domain for your Microsoft AAD account in the Azure portal.


clientID

body

String

The client ID or application ID of your registered Dremio application on the Azure portal.


clientSecret

body

String

The client secret of your registered Dremio application on the Azure portal.

note

For information on how to get the domain, client ID, and client secret from the Azure portal, see required Azure AD properties.

Example Request
curl -X POST 'https://api.dremio.cloud/v0/identity-providers/' \
-H 'Authorization: Bearer <personal access token>' \
-H 'Content-Type: application/json' \
-d '{
"type": "AZURE_AD",
"isActive": "false",
"domain": "dremio.onmicrosoft.com",
"clientID": "e1ccc408-4cc8-8883-9b9b-9ec6a6e96fff",
"clientSecret": "aaAaA_a1aA1A_A1aaa_1a~aaA1_A11-AA1"
}'
Example Response
{
"id": "acd23077-263a-4277-b5f6-926b1983c9de"
}

Responses

200

Identity Provider added successfully

400

Bad input parameter


Retrieving Microsoft AAD

Get the metadata for Microsoft AAD by providing the identity provider ID that was returned on creation.

Retrieving Microsoft AAD
GET /v0/identity-providers/{id}

Parameters

id

path

String

The ID of the Microsoft AAD identity provider for which you want to retrieve metadata.

Example Request
curl -X GET 'https://api.dremio.cloud/v0/identity-providers/acd23077-263a-4277-b5f6-926b1983c9de' \
-H 'Authorization: Bearer <personal access token>' \
-H 'Content-Type: application/json'
Example Response
{
"type": "AZURE_AD",
"id": "acd23077-263a-4277-b5f6-926b1983c9de",
"isActive": true,
"domain": "dremio.onmicrosoft.com",
"clientID": "e1cec408-4c58-4283-9b9b-9ec6a6e96f83",
"clientSecret": null
}

Responses

200

Identity Provider returned successfully

400

Bad input parameter


Activating Microsoft AAD

Activate Microsoft AAD as an identity provider, once configured. This will show Microsoft AAD as an option to users on the Dremio Cloud login page.

Activating Microsoft AAD
POST /v0/identity-providers/{id}/activate

Parameters

id

path

String

The ID of the identity provider that you want to activate.

Example Request
curl -X POST 'https://api.dremio.cloud/v0/identity-providers/acd23077-263a-4277-b5f6-926b1983c9de/activate' \
-H 'Authorization: Bearer <personal access token>' \
-H 'Content-Type: application/json'
Example Response
No response

Responses

200

Identity Provider activated successfully

400

Bad input parameter


Deactivating Microsoft AAD

Deactivate Microsoft AAD. The Microsoft AAD option will no longer be available to users for authentication to Dremio Cloud and it will not be shown on the login page.

Deactivating Microsoft AAD
POST /v0/identity-providers/{id}/deactivate

Parameters

id

path

String

The ID of the identity provider that you want to deactivate.

Example Request
curl -X POST 'https://api.dremio.cloud/v0/identity-providers/acd23077-263a-4277-b5f6-926b1983c9de/deactivate' \
-H 'Authorization: Bearer <personal access token>' \
-H 'Content-Type: application/json'
Example Response
No response

Responses

200

Identity Provider deactivated successfully

400

Bad input parameter


Deleting Microsoft AAD

Delete Microsoft AAD.

Deleting Microsoft AAD
DELETE /v0/identity-providers/{id}

Parameters

id

path

String

The ID of the identity provider that you want to delete.

Example Request
curl -X DELETE 'https://api.dremio.cloud/v0/identity-providers/acd23077-263a-4277-b5f6-926b1983c9de' \
-H 'Authorization: Bearer <personal access token>' \
-H 'Content-Type: application/json'
Example Response
No response

Responses

200

Identity Provider deleted successfully

400

Bad input parameter